update-readme

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform repository inspection and language detection. Evidence: modules/language-audit.md contains commands such as git ls-files, ripgrep, and ls -1 used to identify manifest files and source code distribution. These operations are standard read-only repository audits.
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection through external data ingestion.
      * Ingestion points: Step 2 of SKILL.md and modules/exemplar-research.md define a workflow where the agent uses WebSearch to find and capture content from external GitHub repositories.
      * Boundary markers: The instructions do not provide explicit delimiters or warnings to the agent to disregard instructions potentially embedded within the external README files being researched.
      * Capability inventory: The skill has access to powerful tools including Write, Edit, and Bash, which could be exploited if the agent obeys instructions found in external content.
      * Sanitization: There is no evidence of sanitization or integrity validation for the data retrieved from external sources before it is processed by the AI.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:27 PM